SecDSVL: a Domain-Specific Visual Language to support enterprise security modelling

Mohamed Almorsy; John Grundy

doi:10.1109/ASWEC.2014.18

SecDSVL: a Domain-Specific Visual Language to support enterprise security modelling

Mohamed Almorsy, John Grundy

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

21 Citations (Scopus)

Abstract

Enterprise security management requires capturing different security and IT systems' details, analyzing and enforcing these security details, and improving employed security to meet new risks. Adopting structured models greatly helps in simplifying and organizing security specification and enforcement processes. However, existing security models are generally limited to specific security details and do not deliver a comprehensive security model. They also often do not have user-friendly notations, being complicated extensions of existing modeling languages (such as UML). In this paper, we introduce a comprehensive Security Domain Specific Visual Language (SecDSVL), which enables capturing of key security details to support enterprise systems security management process. We discuss our SecDSVL, tool support and the model-based enterprise security management approach it supports, give a usage example, and present evaluation experiments of SecDSVL.

Original language	English
Title of host publication	Proceedings - 2014 23rd Australasian Software Engineering Conference, ASWEC 2014
Editors	Jim Steel, Liming Zhu
Place of Publication	Piscataway NJ USA
Publisher	IEEE, Institute of Electrical and Electronics Engineers
Pages	152-161
Number of pages	10
ISBN (Electronic)	9781479931491
DOIs	https://doi.org/10.1109/ASWEC.2014.18
Publication status	Published - 2014
Externally published	Yes
Event	Australasian Software Engineering Conference 2014 - Sydney, Australia Duration: 7 Apr 2014 → 10 Apr 2014 Conference number: 23rd https://web.archive.org/web/20181115114126/http://aswec2014.org/ https://ieeexplore.ieee.org/xpl/conhome/6823821/proceeding (Proceedings)

Conference

Conference	Australasian Software Engineering Conference 2014
Abbreviated title	ASWEC 2014
Country/Territory	Australia
City	Sydney
Period	7/04/14 → 10/04/14
Internet address	https://web.archive.org/web/20181115114126/http://aswec2014.org/ https://ieeexplore.ieee.org/xpl/conhome/6823821/proceeding (Proceedings)

Keywords

Domain Specific Visual Language
model-based security management
visual modelling tools

Access to Document

10.1109/ASWEC.2014.18

Cite this

@inproceedings{d8b4b3ba09bc4400b7e812a3b6e42338,

title = "SecDSVL: a Domain-Specific Visual Language to support enterprise security modelling",

abstract = "Enterprise security management requires capturing different security and IT systems' details, analyzing and enforcing these security details, and improving employed security to meet new risks. Adopting structured models greatly helps in simplifying and organizing security specification and enforcement processes. However, existing security models are generally limited to specific security details and do not deliver a comprehensive security model. They also often do not have user-friendly notations, being complicated extensions of existing modeling languages (such as UML). In this paper, we introduce a comprehensive Security Domain Specific Visual Language (SecDSVL), which enables capturing of key security details to support enterprise systems security management process. We discuss our SecDSVL, tool support and the model-based enterprise security management approach it supports, give a usage example, and present evaluation experiments of SecDSVL.",

keywords = "Domain Specific Visual Language, model-based security management, visual modelling tools",

author = "Mohamed Almorsy and John Grundy",

year = "2014",

doi = "10.1109/ASWEC.2014.18",

language = "English",

pages = "152--161",

editor = "Steel, \{Jim \} and Liming Zhu",

booktitle = "Proceedings - 2014 23rd Australasian Software Engineering Conference, ASWEC 2014",

publisher = "IEEE, Institute of Electrical and Electronics Engineers",

address = "United States of America",

note = "Australasian Software Engineering Conference 2014, ASWEC 2014 ; Conference date: 07-04-2014 Through 10-04-2014",

url = "https://web.archive.org/web/20181115114126/http://aswec2014.org/, https://ieeexplore.ieee.org/xpl/conhome/6823821/proceeding",

}

Almorsy, M & Grundy, J 2014, SecDSVL: a Domain-Specific Visual Language to support enterprise security modelling. in J Steel & L Zhu (eds), Proceedings - 2014 23rd Australasian Software Engineering Conference, ASWEC 2014., 6824120, IEEE, Institute of Electrical and Electronics Engineers, Piscataway NJ USA, pp. 152-161, Australasian Software Engineering Conference 2014, Sydney, New South Wales, Australia, 7/04/14. https://doi.org/10.1109/ASWEC.2014.18

SecDSVL: a Domain-Specific Visual Language to support enterprise security modelling. / Almorsy, Mohamed; Grundy, John.
Proceedings - 2014 23rd Australasian Software Engineering Conference, ASWEC 2014. ed. / Jim Steel; Liming Zhu. Piscataway NJ USA: IEEE, Institute of Electrical and Electronics Engineers, 2014. p. 152-161 6824120.

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

TY - GEN

T1 - SecDSVL

T2 - Australasian Software Engineering Conference 2014

AU - Almorsy, Mohamed

AU - Grundy, John

N1 - Conference code: 23rd

PY - 2014

Y1 - 2014

N2 - Enterprise security management requires capturing different security and IT systems' details, analyzing and enforcing these security details, and improving employed security to meet new risks. Adopting structured models greatly helps in simplifying and organizing security specification and enforcement processes. However, existing security models are generally limited to specific security details and do not deliver a comprehensive security model. They also often do not have user-friendly notations, being complicated extensions of existing modeling languages (such as UML). In this paper, we introduce a comprehensive Security Domain Specific Visual Language (SecDSVL), which enables capturing of key security details to support enterprise systems security management process. We discuss our SecDSVL, tool support and the model-based enterprise security management approach it supports, give a usage example, and present evaluation experiments of SecDSVL.

AB - Enterprise security management requires capturing different security and IT systems' details, analyzing and enforcing these security details, and improving employed security to meet new risks. Adopting structured models greatly helps in simplifying and organizing security specification and enforcement processes. However, existing security models are generally limited to specific security details and do not deliver a comprehensive security model. They also often do not have user-friendly notations, being complicated extensions of existing modeling languages (such as UML). In this paper, we introduce a comprehensive Security Domain Specific Visual Language (SecDSVL), which enables capturing of key security details to support enterprise systems security management process. We discuss our SecDSVL, tool support and the model-based enterprise security management approach it supports, give a usage example, and present evaluation experiments of SecDSVL.

KW - Domain Specific Visual Language

KW - model-based security management

KW - visual modelling tools

UR - https://www.scopus.com/pages/publications/84903533948

U2 - 10.1109/ASWEC.2014.18

DO - 10.1109/ASWEC.2014.18

M3 - Conference Paper

AN - SCOPUS:84903533948

SP - 152

EP - 161

BT - Proceedings - 2014 23rd Australasian Software Engineering Conference, ASWEC 2014

A2 - Steel, Jim

A2 - Zhu, Liming

PB - IEEE, Institute of Electrical and Electronics Engineers

CY - Piscataway NJ USA

Y2 - 7 April 2014 through 10 April 2014

ER -

SecDSVL: a Domain-Specific Visual Language to support enterprise security modelling

Abstract

Conference

Keywords

Access to Document

Other files and links

Cite this